OIAC Draft Guidelines for Mandatory Data Breach Scheme

OIAC Draft Guidelines for Mandatory Data Breach Scheme

OIAC Draft Guidelines for Mandatory Data Breach Scheme

DGA Admin

The Office of the Australian Information Commissioner (OAIC) has released business resources for the new Notifiable Data Breaches (NDB) scheme set to commence in 2018. The NDB scheme was established earlier this year with the passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017. The NDB requires organisations covered by the Privacy Act 1988 (Cth) (“Privacy Act”) to notify individuals of eligible data breaches, or when directed to do so by the OAIC.

The resources, including resources to prepare for the NDB scheme, can be accessed on the OAIC’s new NDB website. The OAIC has also released its Draft Guidelines for the following aspects of the NDB scheme:

Entities covered by the NDB scheme

Notifying individuals about an eligible data breach

Identifying eligible data breaches

OAIC’s role in the NDB scheme

The OAIC is accepting comments and feedback on the above Draft Guidelines and general feedback on the scheme, including aspects of the scheme that require further clarification. The closing date for providing comments and feedback is 14 July 2017.

DGA is currently in the process of reviewing the Draft Guidelines and will provide feedback to the OAIC on the Draft Guidelines and other aspects of the scheme that require further clarification for its Members.

Data Governance Australia

The Data Governance Australia (DGA) is a not-for-profit association founded in 2016 in order to establish industry standards and bench marks around the collection, use and management of data in Australia.